Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
SinanProjectCT
is a Python library to access the Ctrader trading platform's FIX API.
The library has been tested on Python 3.7 to 3.9.
To install the latest version of SinanProjectCT
, you can use pip:
pip install SinanProjectCT -U
Or if you want to install from source, you can use:
pip install git+https://github.com/Omer_CP/SinanProjectCT.git
To access your API, follow these simple steps:
Open the cTrader desktop or web platform.
In the bottom left corner of the platform, you will find the Settings option. Click on it.
A popup window will appear. In the menu of the popup, look for the last option: FIX API.
First, click on the Change Password button. Make sure to add a numeric password of at least 8 digits.
After changing the password, click on the Copy to Clipboard button from Trade Connection.
Now, let's move to the Trade Connection section. Here, you will receive your data in the following format (this is an example with IC Markets for a real account):
from SinanProjectCT import Ctrader
server="168.205.95.20" # - Host name: (Current IP address 168.205.95.20 can be changed without notice)
account="live.icmarkets.1104926" # - SenderCompID: live.icmarkets.1104926
password="12345678" # - The password you configured
api = Ctrader(server,account,password)
api.isconnected()
api.logout()
api.subscribe("EURUSD", "GBPUSD")
quote = api.quote()
print(quote)
# Output
{'EURUSD': {'bid': 1.02616, 'ask': 1.02618}, 'GBPUSD': {'bid': 1.21358, 'ask': 1.21362}}
quote = api.quote("EURUSD")
print(quote)
# Output
{'bid': 1.02612, 'ask': 1.02614}
# Buy position
price = api.quote()
price = price['EURUSD']['bid']
symbol = "EURUSD"
volume = 0.01 # position size:
stoploss = round(price - 0.00010,6)
takeprofit = round(price + 0.00010,6)
id = api.buy(symbol, volume, stoploss, takeprofit)
print(f"Position: {id}")
# sell position
price = api.quote()
price = price['EURUSD']['bid']
symbol = "EURUSD"
volume = 0.01 # position size
stoploss = round(price + 0.00010,6)
takeprofit = round(price - 0.00010,6)
id = api.sell(symbol, volume, stoploss, takeprofit)
print(f"Position: {id}")
# Buy limit order
symbol = "EURUSD"
volume = 0.01 # order size
price = 1.18 # entry price
id = api.buyLimit(symbol, volume, price)
print(f"Order: {id}")
# Sell limit order
symbol = "EURUSD"
volume = 0.01 # Order size
price = 1.22 # entry price
id = api.sellLimit(symbol, volume, price)
print(f"Order: {id}")
# Buy stop order
symbol = "EURUSD"
volume = 0.01 # order size
price = 1.22 # entry price
id = api.buyStop(symbol, volume, price)
print(f"Order: {id}")
# Sell stop order
symbol = "EURUSD"
volume = 0.01 # order size
price = 1.18 # entry price
api.sellStop(symbol, volume, price)
positions = api.positions()
print(positions)
orders = api.orders()
print(orders)
orders = api.orders()
for order in orders:
api.orderCancelById(order['ord_id'])
for position in positions:
api.positionCloseById(position['pos_id'], position['amount'])
api.cancel_all()
api.close_all()
api.positionPartialClose(id, volume)
Due to certain limitations of the FIX API, there's a specific issue that arises when both the Stop Loss (SL) and Take Profit (TP) features are used concurrently. This issue occurs when one of them is triggered, the other remains open and will execute when the price reaches the specified level again, causing it to open another order. This issue needs to be addressed either within the SinanProjectCT library or the application itself.
However, you can avoid this problem by using either the SL or TP, but not both simultaneously.
We welcome any contribution to SinanProjectCT
. Here are some ways to contribute:
Before submitting a pull request, please make sure your codes are well formatted and tested.
I would like to express my gratitude to @HarukaMa for creating the initial project. Their work has been an invaluable starting point for my modifications and improvements.
FAQs
Ctrader Fix API
We found that SinanProjectCT demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.